[Git][NTPsec/ntpsec][master] 2 commits: In ntp_control.c, some information hiding.

Fri Nov 4 11:40:41 UTC 2016

Eric S. Raymond pushed to branch master at NTPsec / ntpsec


Commits:
886e4121 by Eric S. Raymond at 2016-11-04T05:26:03-04:00
In ntp_control.c, some information hiding.

There's a bug that causes binary garbage to be shipped at packet flush
time.  This is a pure refactoring step preparatoty to solving it.

- - - - -
155a1aac by Eric S. Raymond at 2016-11-04T07:40:26-04:00
Optionally suppress Mode 6 response randomization for debugging.

- - - - -


1 changed file:

- ntpd/ntp_control.c


Changes:

=====================================
ntpd/ntp_control.c
=====================================

--- a/ntpd/ntp_control.c
+++ b/ntpd/ntp_control.c
@@ -25,6 +25,9 @@
 #include "lib_strbuf.h"
 #include "ntp_syscall.h"
 
+/* undefine to suppress random tags and get fixed emission order */
+#define RANDOMIZE_RESPONSES
+
 /*
  * Structure to hold request procedure information
  */
@@ -82,7 +85,9 @@ static	void	read_clockstatus(struct recvbuf *, int);
 static	void	write_clockstatus(struct recvbuf *, int);
 static	void	configure	(struct recvbuf *, int);
 static	void	send_mru_entry	(mon_entry *, int);
+#ifdef RANDOMIZE_RESPONSES
 static	void	send_random_tag_value(int);
+#endif /* RANDOMIZE_RESPONSES */
 static	void	read_mru_list	(struct recvbuf *, int);
 static	void	send_ifstats_entry(endpt *, u_int);
 static	void	read_ifstats	(struct recvbuf *);
@@ -618,7 +623,6 @@ static associd_t res_associd;
 static u_short	res_frags;	/* datagrams in this response */
 static int	res_offset;	/* offset of payload in response */
 static uint8_t * datapt;
-static uint8_t * dataend;
 static int	datalinelen;
 static bool	datasent;	/* flag to avoid initial ", " */
 static bool	datanotbinflag;
@@ -777,7 +781,6 @@ process_control(
 	datalinelen = 0;
 	datasent = false;
 	datapt = rpkt.u.data;
-	dataend = &rpkt.u.data[CTL_MAX_DATA_LEN];
 
 	if ((rbufp->recv_length & 0x3) != 0)
 		DPRINTF(3, ("Control packet length %zd unrounded\n",
@@ -1012,6 +1015,7 @@ ctl_putdata(
 {
 	int overhead;
 	unsigned int currentlen;
+	const uint8_t * dataend = &rpkt.u.data[CTL_MAX_DATA_LEN];
 
 	overhead = 0;
 	if (!bin) {
@@ -3070,6 +3074,7 @@ static int validate_nonce(
 }
 
 
+#ifdef RANDOMIZE_RESPONSES
 /*
  * send_random_tag_value - send a randomly-generated three character
  *			   tag prefix, a '.', an index, a '=' and a
@@ -3101,6 +3106,7 @@ send_random_tag_value(
 	snprintf(&buf[4], sizeof(buf) - 4, "%d", indx);
 	ctl_putuint(buf, noise);
 }
+#endif /* RANDOMIZE_RESPONSE */
 
 
 /*
@@ -3124,7 +3130,7 @@ send_mru_entry(
 	char	tag[32];
 	bool	sent[6]; /* 6 tag=value pairs */
 	uint32_t noise;
-	u_int	which;
+	u_int	which = 0;
 	u_int	remaining;
 	const char * pch;
 
@@ -3132,7 +3138,9 @@ send_mru_entry(
 	ZERO(sent);
 	noise = ntp_random();
 	while (remaining > 0) {
-		which = (noise & 7) % COUNTOF(sent);
+#ifdef RANDOMIZE_RESPONSES
+	 	which = (noise & 7) % COUNTOF(sent);
+#endif /* RANDOMIZE_RESPONSES */
 		noise >>= 3;
 		while (sent[which])
 			which = (which + 1) % COUNTOF(sent);
@@ -3503,8 +3511,10 @@ static void read_mru_list(
 			continue;
 
 		send_mru_entry(mon, count);
+#ifdef RANDOMIZE_RESPONSES
 		if (!count)
 			send_random_tag_value(0);
+#endif /* RANDOMIZE_RESPONSES */
 		count++;
 		prior_mon = mon;
 	}
@@ -3514,8 +3524,10 @@ static void read_mru_list(
 	 * a now= l_fp timestamp.
 	 */
 	if (NULL == mon) {
+#ifdef RANDOMIZE_RESPONSES
 		if (count > 1)
 			send_random_tag_value(count - 1);
+#endif /* RANDOMIZE_RESPONSES */
 		ctl_putts("now", &now);
 		/* if any entries were returned confirm the last */
 		if (prior_mon != NULL)
@@ -3555,7 +3567,7 @@ send_ifstats_entry(
 	uint8_t	sent[IFSTATS_FIELDS]; /* 12 tag=value pairs */
 	int	noisebits;
 	uint32_t noise;
-	u_int	which;
+	u_int	which = 0;
 	u_int	remaining;
 	const char *pch;
 
@@ -3568,7 +3580,9 @@ send_ifstats_entry(
 			noise = ntp_random();
 			noisebits = 31;
 		}
+#ifdef RANDOMIZE_RESPONSES
 		which = (noise & 0xf) % COUNTOF(sent);
+#endif /* RANDOMIZE_RESPONSES */
 		noise >>= 4;
 		noisebits -= 4;
 
@@ -3645,7 +3659,9 @@ send_ifstats_entry(
 		sent[which] = true;
 		remaining--;
 	}
+#ifdef RANDOMIZE_RESPONSES
 	send_random_tag_value((int)ifnum);
+#endif /* RANDOMIZE_RESPONSES */
 }
 
 
@@ -3728,7 +3744,7 @@ send_restrict_entry(
 	uint8_t		sent[RESLIST_FIELDS]; /* 4 tag=value pairs */
 	int		noisebits;
 	uint32_t		noise;
-	u_int		which;
+	u_int		which = 0;
 	u_int		remaining;
 	sockaddr_u	addr;
 	sockaddr_u	mask;
@@ -3747,7 +3763,9 @@ send_restrict_entry(
 			noise = ntp_random();
 			noisebits = 31;
 		}
+#ifdef RANDOMIZE_RESPONSES
 		which = (noise & 0x3) % COUNTOF(sent);
+#endif /* RANDOMIZE_RESPONSES */
 		noise >>= 2;
 		noisebits -= 2;
 
@@ -3791,7 +3809,9 @@ send_restrict_entry(
 		sent[which] = true;
 		remaining--;
 	}
+#ifdef RANDOMIZE_RESPONSES
 	send_random_tag_value((int)idx);
+#endif /* RANDOMIZE_RESPONSES */
 }
 
 



View it on GitLab: https://gitlab.com/NTPsec/ntpsec/compare/8246d29698d4df9aadf67afbbd81694bbcffacc7...155a1aac403b8a458639014e3eb91c3f0c183012
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ntpsec.org/pipermail/vc/attachments/20161104/fb633ecf/attachment.html>
